Safety Cases: Purpose, Process and Prospects John McDermid, OBE FREng University of York UK.

Slides:



Advertisements
Similar presentations
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Advertisements

You have been given a mission and a code. Use the code to complete the mission and you will save the world from obliteration…
Requirements Engineering Processes – 2
Planning Reports and Proposals
Advanced Piloting Cruise Plot.
Slide 1 Insert your own content. Slide 2 Insert your own content.
The 4 T’s of Test Automation:
Chapter 1 The Study of Body Function Image PowerPoint
Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 5 Author: Julia Richards and R. Scott Hawley.
1 Copyright © 2010, Elsevier Inc. All rights Reserved Fig 2.1 Chapter 2.
By D. Fisher Geometric Transformations. Reflection, Rotation, or Translation 1.
No 1 IT Governance – how to get the right and secured IT services Bjorn Undall and Bengt E W Andersson The Swedish National Audit Office Oman
1 System Engineers Toolbox 1 Compliance Automation, Inc. INCOSE: NM Enchantment Chapter By Cheryl Hill August 12, 2009.
Introduction to Product Family Engineering. 11 Oct 2002 Ver 2.0 ©Copyright 2002 Vortex System Concepts 2 Product Family Engineering Overview Project Engineering.
1 Introduction to Safety Management April Objective The objective of this presentation is to highlight some of the basic elements of Safety Management.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
Business Transaction Management Software for Application Coordination 1 Business Processes and Coordination.
Objectives To introduce software project management and to describe its distinctive characteristics To discuss project planning and the planning process.
ActionDescription 1Decisions about planning and managing the coast are governed by general legal instruments. 2Sectoral stakeholders meet on an ad hoc.
The Managing Authority –Keystone of the Control System
1 Managing Authority Conducting a self assessment 10 June 2008 A. Badrichani – DG Regional Policy – Audit Unit J3.
Module N° 7 – Introduction to SMS
Whole Airspace Safety Case Meeting – Overview of Prior Work – 1 Whole Airspace Safety Case Meeting Overview of Prior Work Tim Kelly John McDermid Department.
Whole Airspace ATM System Safety Case - Preliminary Study
One Sky for Europe EUROCONTROL © 2002 European Organisation for the Safety of Air Navigation (EUROCONTROL) Page 1 FAA/Eurocontrol Technical Interchange.
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Title Subtitle.
Illinois Department of Children and Family Services, Pathways to Strengthening and Supporting Families Program April 15, 2010 Division of Service Support,
My Alphabet Book abcdefghijklm nopqrstuvwxyz.
0 - 0.
DIVIDING INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
SUBTRACTING INTEGERS 1. CHANGE THE SUBTRACTION SIGN TO ADDITION
Addition Facts
Year 6 mental test 5 second questions
Chapter 3 Critically reviewing the literature
Project Appraisal Module 5 Session 6.
The Course experience questionnaire (P. Ramsden) Designed as a performance indicator 24 statements relating to 5 aspects 1 overall satisfaction statement.
ZMQS ZMQS
IAEA Training in Emergency Preparedness and Response Module L-051 General Concepts of Exercises to Test Preparedness Lecture.
1 European benchmarking with the CAF ROME 17-18th of November 2003.
1 Implementing Internet Web Sites in Counseling and Career Development James P. Sampson, Jr. Florida State University Copyright 2003 by James P. Sampson,
1 Risk Reasoning Ltd Risk Management Made Easy Mark Swabey & Stuart Gruszka If I were you, I wouldnt start from here Getting Enterprise Risk Management.
Quality Assurance/Quality Control Plan Evaluation February 16, 2005.
ABC Technology Project
Core Curriculum for Clinical Coaching Intro - VNIP Model
Quality Manual for Interoperability Testing Morten Bruun-Rasmussen Presented by Milan Zoric, ETSI.
1 Vince Galotti Chief/ATMICAO 27 March 2007 REGULATING THROUGH SAFETY PERFORMANCE TARGETS.
Squares and Square Root WALK. Solve each problem REVIEW:
Software Processes.
Do you have the Maths Factor?. Maths Can you beat this term’s Maths Challenge?
Air Transport Association of Canada A presentation by John McKenna ATAC President and CEO.
© 2012 National Heart Foundation of Australia. Slide 2.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 27 Slide 1 Quality Management.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 5 Slide 1 Project management.
This, that, these, those Number your paper from 1-10.
Chapter 5 Test Review Sections 5-1 through 5-4.
SIMOCODE-DP Software.
GG Consulting, LLC I-SUITE. Source: TEA SHARS Frequently asked questions 2.
OHT 5.1 © Marketing Insights Limited 2004 Chapter 5 E-business Strategy.
HIGH COUNCIL FOR ECONOMY, INDUSTRY, ENERGY AND TECHNOLOGIES 1 Metrology policies to foster the competitiveness of industry J.F. Magaña.
Addition 1’s to 20.
25 seconds left…...
Week 1.
We will resume in: 25 Minutes.
A SMALL TRUTH TO MAKE LIFE 100%
Screen 1 of 20 Reporting Food Security Information Reporting for Results Learning Objectives At the end of this lesson you will be able to: understand.
1 PART 1 ILLUSTRATION OF DOCUMENTS  Brief introduction to the documents contained in the envelope  Detailed clarification of the documents content.
© 2007 BST. All rights reserved. Confidential Information. SLU – 1 PDS_139 (0503) L2 Applying Problem- Solving Tools.
Software Safety Case Why, what and how… Jon Arvid Børretzen.
Presentation transcript:

Safety Cases: Purpose, Process and Prospects John McDermid, OBE FREng University of York UK

2 » Safety cases Basic concepts Purpose(s) » Process Used for system acceptance Used for argument construction » Prospects Better safety cases Integration of approaches » Conclusions Outline

3 » A safety case is: A structured argument, supported by evidence, which provides a comprehensive and compelling case that a system is safe to operate, in a given scenario » Compared to a safety assessment report (SAR) Big difference is the argument (in the sense of a justification) But what might we argue? Safety Case Concept

4 » Examples might be Completeness and quality of hazard identification » Including use of skilled people Appropriateness of risk reduction » Including proper use of (MilStd 882) priorities Tolerability of risk » More than just acceptance by authority, e.g. ALARP or cost- benefit analysis In general, things which are often implicit in a SAR Possible Arguments

5 » Safety cases can be used for many purposes Sub-systems rather than systems (like SSAR) Through the process, e.g. preliminary safety case » Initially just the argument, to see if it would be acceptable if it could be supported by evidence at the end Different roles » Overall system, e.g. aircraft, safety case » Integrated view, e.g. system of systems » Operational, e.g. for a mission Focus, for now, on system acceptance Purpose(s)

6 » A safety case is too big to deliver No aircraft could lift its own (paper) safety case » A safety case report is A document which summarises the arguments and evidence of the safety, and documents progress against the safety programme Really two roles » Deliverable summarising (final) safety case » Progress reports, including evidence generation Safety Case and Reports

7 » Safety cases Basic concepts Purpose(s) » Process Used for system acceptance Used for argument construction » Prospects Better safety cases Integration of approaches » Conclusions Outline

8 » The MoD process is focused on acceptance Used as an illustration as it is probably the closest approach to US DoD practices » Focuses on safety case report at the end » In practice, earlier drafts issued Could also support uses in other domains References to SMP are to Safety Management System Procedures out of MoDs POSMS (Project Oriented Safety Management System) MoD Process

9 Role of (Final) Safety Case

10 Safety Cases and Reports

11 Argument Construction Process (1)

12 » The process is quite judgmental Not unusual in safety engineering Hence easy to do it wrong Not very much guidance on good practice » Available guidance Some published argument patterns » Typical approaches, e.g. argument over hazards Tim Kellys thesis And see later Argument Construction Process (2)

13 » Following are key elements of most standards: Scope System Description System Hazards Safety Requirements Risk Assessment Hazard Control / Risk Reduction Measures Safety Analysis / Test Safety Management System Development Process Justification Conclusions Typical Safety Case Contents

14 » Purpose of a Goal Structure Diagrammatic notation to make argument clear To show how goals are broken down into sub-goals, and eventually supported by evidence (solutions) whilst making clear the strategies adopted, the rationale for the approach (assumptions, justifications) and the context in which goals are stated Goal Structuring Notation A/J

15 Simple Example » Example based on a hypothetical factory situation Assumed to be at a town called Whatford in the UK » The factory contains a metal press Presses sheet steel to make car body parts Has a single operator who inserts metal sheets and removes parts Interlock to protect operator

16 A Simple Goal Structure

17 A Simple Goal Structure

18 Simple Goal Structure

19 » Safety cases Basic concepts Purpose(s) » Process Used for system acceptance Used for argument construction » Prospects Better safety cases Integration of approaches » Conclusions Outline

20 » Learning from experience Nimrod XV230 is salutary » Pragmatism Understanding when » Arguments add value, and when they dont Understanding the nature of arguments » See next slide Better reviewing » Make safety case report basis for challenge Better Safety Cases

21 The McDermid Square

22 » ANSI, MilStd 882, ARP Familiar-Familiar – evidence standard documents, possibly only argue confidence in evidence » UAS Familiar-Familiar for standard aspects Unfamiliar-Unfamiliar – e.g. sense and avoid » Argument that problem well enough characterised that solution will be adequate (safe) » Argument that solution works across all scenarios Integration of Approaches

23 » Safety cases Basic concepts Purpose(s) » Process Used for system acceptance Used for argument construction » Prospects Better safety cases Integration of approaches » Conclusions Outline

24 » Safety cases/reports can add value Primarily arguments to articulate rationale in novel/complex systems/situations Secondarily confidence (even in standard bits) » Safety cases hard to construct well Need to avoid them where they dont add value Need better guidance on development/review » Safety case (argument) patterns helpful but insufficient » A good starting point would be a systematic review Conclusions

25 » For the definition of the notation see: andard.pdf This is a community standard but it is quite stable There are also support tools, some of which are linked from: Goal Structuring Notation

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.